souris.exe

The application souris.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from les.zinseparables.free.fr.
Description:
Virtual Viagra

Version:
1.0

MD5:
81d6608d365553332b24d7010bfa3db5

SHA-1:
84755b2ac2d7d89d7ae65beb5c1c3fc7af382153

SHA-256:
52d9642c0148b215088b1fee8da5325a3f0067fa69132e75477e67e702f3d053

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 4:04:02 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Application.ViagraJoke.A | 1150 |
| Avira AntiVirus | JOKE/MouseZoom | 7.11.122.108 |
| AVG | Joke | 2014.0.3543 |
| Baidu Antivirus | Trojan.Win32.VirtualViagra | 4.0.3.131127 |
| Bitdefender | Application.ViagraJoke.A | 1.0.20.1205 |
| Bkav FE | W32.Clode6c.Trojan | 1.3.0.4613 |
| Clam AntiVirus | Joke.ViagRa-2 | 0.98/18155 |
| Comodo Security | Joke.Win32.Viagra.~A | 17507 |
| Dr.Web | Joke.Mousefx.884 | 9.0.1.0241 |
| Emsisoft Anti-Malware | Application.ViagraJoke | 8.13.08.29.05 |
| ESET NOD32 | Win32/Joke.VirtualViagra | 7.9190 |
| Fortinet FortiGate | Riskware/VirtualViagra | 8/29/2013 |
| F-Prot | W32/Malware!483f | v6.4.7.1.166 |
| G Data | Application.ViagraJoke | 13.8.22 |
| IKARUS anti.virus | not-a-virus.Joke.ViagRa | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.174.10644 |
| Malwarebytes | Joke.VV | v2013.08.29.05 |
| McAfee | Joke-Viagra | 5600.7181 |
| MicroWorld eScan | Application.ViagraJoke.A | 14.0.0.723 |
| NANO AntiVirus | Riskware.Win32.Viagra.icvh | 0.28.0.57029 |
| Norman | Suspicious_Gen2.VJP | 11.20130829 |
| nProtect | Trojan/W32.Agent.444252 | 13.12.26.02 |
| Panda Antivirus | Joke/Viagra | 13.08.29.05 |
| Reason Heuristics | Unnamed.Threat.46 | 14.3.1.0 |
| Rising Antivirus | PE:Trojan.Win32.Generic.12A374B3!312702131 | 23.00.65.13827 |
| VIPRE Antivirus | Trojan.Win32.Generic | 24800 |
| XVirus List | Win.Detected | 2.3.31 |

File size:
433.8 KB (444,252 bytes)

Product version:
1.0

Copyright:
Copyright © 1998

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\souris.exe

File PE Metadata
Compilation timestamp:
12/10/1998 9:53:22 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
6144:JoMO4e/JcVB+dJj+ZU12+r1Q+UmUWcC7VfJVgbJo:gT/JcVB+7+OoAkPC7VfJVgbJo

Entry address:
0x7B40

Entry point:
55, 89, E5, 83, EC, 50, 55, B8, FF, FF, FF, FF, 50, 50, 68, C0, B7, 40, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 68, 68, 0B, 41, 00, E8, 75, 01, 00, 00, 59, E8, C2, 17, 00, 00, E8, CB, D3, FF, FF, 3D, 00, 00, 00, 00, 75, 08, 6A, FF, E8, 8A, C5, FF, FF, 59, E8, B6, 3C, 00, 00, E8, 11, 3F, 00, 00, FF, 15, 34, 73, 44, 00, 89, 45, B4, EB, 39, 8D, 80, 00, 00, 00, 00, 8B, 55, B4, 80, 3A, 22, 75, 28, FF, 45, B4, EB, 06, 8D, 40, 00, FF, 45, B4, 8B, 55, B4, 80, 3A, 00, 74, 08, 8B, 55, B4, 80, 3A...
 

Entropy:
5.6607

Packer / compiler:
REALbasic

Code size:
46.5 KB (47,616 bytes)

The file souris.exe has been seen being distributed by the following URL.
